[php-maint] Bug#658208: [php5] README.Debian.security: "problems used by sloppy developers"
chealer at gmail.com
Wed Feb 1 00:53:13 UTC 2012
> Most specifically, the security team will not provide
> support for flaws in:
> - problems which are not flaws in the design of php but can be
> when used by sloppy developers (for example: not checking the contents
> of a tar file before extracting it, using unserialize() on
> untrusted data, or relying on a specific value of short_open_tag).
Sloppy developers do not use problems, although crackers may.
This is unclear and I frankly wouldn't know how to reformulate besides:
> - application code
But if that's what it means, then I don't think it's worth a mention at
More information about the pkg-php-maint